Google Project Zero's recent tweaking of its vulnerability disclosure window reflects how researchers are taking into account patch adoption when mulling disclosure policies.
The high-severity Dell flaws could allow local attackers to gain kernel-mode privileges.
Researchers shed light on the FiveHands ransomware, which was deployed after a threat group exploited a now-patched SonicWall flaw in January.
Attackers exploited a previously-disclosed flaw in Fortinet VPN servers in order to hit European industrial firms with the Cring ransomware.
Attackers are targeting SAP enterprise applications that have not been updated to address previously-fixed flaws, researchers warn.